LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
23429 Commits
1 Branch
46 MiB
Tree: 5d8d4fbbcb
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '5d8d4fbbcb'
${ noResults }
openwrt-packages-dist/admin/ipmitool/patches/0004-ID-480-Call-EVP_CIPHER...

139 lines
3.5 KiB
Raw Normal View History

ipmitool: add openssl 1.1.0 compatibility The patches have been merged upstream. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
6 years ago
treewide: Run refresh on all packages The crude loop I wrote to come up with this changeset: find -L package/feeds/packages/ -name patches | \ sed 's/patches$/refresh/' | sort | xargs make Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
3 years ago
ipmitool: add openssl 1.1.0 compatibility The patches have been merged upstream. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
6 years ago
treewide: Run refresh on all packages The crude loop I wrote to come up with this changeset: find -L package/feeds/packages/ -name patches | \ sed 's/patches$/refresh/' | sort | xargs make Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
3 years ago
ipmitool: add openssl 1.1.0 compatibility The patches have been merged upstream. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
6 years ago
treewide: Run refresh on all packages The crude loop I wrote to come up with this changeset: find -L package/feeds/packages/ -name patches | \ sed 's/patches$/refresh/' | sort | xargs make Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
3 years ago
ipmitool: add openssl 1.1.0 compatibility The patches have been merged upstream. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
6 years ago
treewide: Run refresh on all packages The crude loop I wrote to come up with this changeset: find -L package/feeds/packages/ -name patches | \ sed 's/patches$/refresh/' | sort | xargs make Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
3 years ago
ipmitool: add openssl 1.1.0 compatibility The patches have been merged upstream. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
6 years ago
treewide: Run refresh on all packages The crude loop I wrote to come up with this changeset: find -L package/feeds/packages/ -name patches | \ sed 's/patches$/refresh/' | sort | xargs make Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
3 years ago
ipmitool: add openssl 1.1.0 compatibility The patches have been merged upstream. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
6 years ago
treewide: Run refresh on all packages The crude loop I wrote to come up with this changeset: find -L package/feeds/packages/ -name patches | \ sed 's/patches$/refresh/' | sort | xargs make Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
3 years ago
ipmitool: add openssl 1.1.0 compatibility The patches have been merged upstream. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
6 years ago
treewide: Run refresh on all packages The crude loop I wrote to come up with this changeset: find -L package/feeds/packages/ -name patches | \ sed 's/patches$/refresh/' | sort | xargs make Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
3 years ago
ipmitool: add openssl 1.1.0 compatibility The patches have been merged upstream. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
6 years ago
treewide: Run refresh on all packages The crude loop I wrote to come up with this changeset: find -L package/feeds/packages/ -name patches | \ sed 's/patches$/refresh/' | sort | xargs make Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
3 years ago
ipmitool: add openssl 1.1.0 compatibility The patches have been merged upstream. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
6 years ago
 
  1. From 1664902525a1c3771b4d8b3ccab7ea1ba6b2bdd1 Mon Sep 17 00:00:00 2001
  2. From: Holger Liebig <holger.liebig@ts.fujitsu.com>
  3. Date: Tue, 4 Apr 2017 20:43:05 +0200
  4. Subject: [PATCH 4/4] ID:480 - Call EVP_CIPHER_CTX_free() instead of
  5.  EVP_CIPHER_CTX_cleanup()
  6. 

  7. Call EVP_CIPHER_CTX_free() instead of EVP_CIPHER_CTX_cleanup() to fix memory
  8. leak.
  9. ---

  10.  src/plugins/lanplus/lanplus_crypt_impl.c | 44 +++++++++++++++++---------------
  11.  1 file changed, 23 insertions(+), 21 deletions(-)
  12. 

  13. --- a/src/plugins/lanplus/lanplus_crypt_impl.c

  14. +++ b/src/plugins/lanplus/lanplus_crypt_impl.c

  15. @@ -165,13 +165,6 @@ lanplus_encrypt_aes_cbc_128(const uint8_

  16.  							uint32_t        * bytes_written)
  17.  {
  18.  	EVP_CIPHER_CTX *ctx = NULL;
  19. -	ctx = EVP_CIPHER_CTX_new();

  20. -	if (ctx == NULL) {

  21. -		*bytes_written = 0;

  22. -		return;

  23. -	}

  24. -	EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);

  25. -	EVP_CIPHER_CTX_set_padding(ctx, 0);

  26.  
  27.  	*bytes_written = 0;
  28.  
  29. @@ -185,6 +178,14 @@ lanplus_encrypt_aes_cbc_128(const uint8_

  30.  		printbuf(input, input_length, "encrypting this data");
  31.  	}
  32.  
  33. +	ctx = EVP_CIPHER_CTX_new();

  34. +	if (ctx == NULL) {

  35. +		lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed");

  36. +		return;

  37. +	}

  38. +	EVP_CIPHER_CTX_init(ctx);

  39. +	EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);

  40. +	EVP_CIPHER_CTX_set_padding(ctx, 0);

  41.  
  42.  	/*
  43.  	 * The default implementation adds a whole block of padding if the input
  44. @@ -198,7 +199,6 @@ lanplus_encrypt_aes_cbc_128(const uint8_

  45.  	{
  46.  		/* Error */
  47.  		*bytes_written = 0;
  48. -		return;

  49.  	}
  50.  	else
  51.  	{
  52. @@ -206,16 +206,17 @@ lanplus_encrypt_aes_cbc_128(const uint8_

  53.  
  54.  		if(!EVP_EncryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen))
  55.  		{
  56. +			/* Error */

  57.  			*bytes_written = 0;
  58. -			return; /* Error */

  59.  		}
  60.  		else
  61.  		{
  62.  			/* Success */
  63.  			*bytes_written += tmplen;
  64. -			EVP_CIPHER_CTX_cleanup(ctx);

  65.  		}
  66.  	}
  67. +	/* performs cleanup and free */

  68. +	EVP_CIPHER_CTX_free(ctx);

  69.  }
  70.  
  71.  
  72. @@ -243,13 +244,6 @@ lanplus_decrypt_aes_cbc_128(const uint8_

  73.  							uint32_t        * bytes_written)
  74.  {
  75.  	EVP_CIPHER_CTX *ctx = NULL;
  76. -	ctx = EVP_CIPHER_CTX_new();

  77. -	if (ctx == NULL) {

  78. -		*bytes_written = 0;

  79. -		return;

  80. -	}

  81. -	EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);

  82. -	EVP_CIPHER_CTX_set_padding(ctx, 0);

  83.  
  84.  	if (verbose >= 5)
  85.  	{
  86. @@ -258,12 +252,20 @@ lanplus_decrypt_aes_cbc_128(const uint8_

  87.  		printbuf(input, input_length, "decrypting this data");
  88.  	}
  89.  
  90. -

  91.  	*bytes_written = 0;
  92.  
  93.  	if (input_length == 0)
  94.  		return;
  95.  
  96. +	ctx = EVP_CIPHER_CTX_new();

  97. +	if (ctx == NULL) {

  98. +		lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed");

  99. +		return;

  100. +	}

  101. +	EVP_CIPHER_CTX_init(ctx);

  102. +	EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);

  103. +	EVP_CIPHER_CTX_set_padding(ctx, 0);

  104. +

  105.  	/*
  106.  	 * The default implementation adds a whole block of padding if the input
  107.  	 * data is perfectly aligned.  We would like to keep that from happening.
  108. @@ -277,7 +279,6 @@ lanplus_decrypt_aes_cbc_128(const uint8_

  109.  		/* Error */
  110.  		lprintf(LOG_DEBUG, "ERROR: decrypt update failed");
  111.  		*bytes_written = 0;
  112. -		return;

  113.  	}
  114.  	else
  115.  	{
  116. @@ -285,20 +286,21 @@ lanplus_decrypt_aes_cbc_128(const uint8_

  117.  
  118.  		if (!EVP_DecryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen))
  119.  		{
  120. +			/* Error */

  121.  			char buffer[1000];
  122.  			ERR_error_string(ERR_get_error(), buffer);
  123.  			lprintf(LOG_DEBUG, "the ERR error %s", buffer);
  124.  			lprintf(LOG_DEBUG, "ERROR: decrypt final failed");
  125.  			*bytes_written = 0;
  126. -			return; /* Error */

  127.  		}
  128.  		else
  129.  		{
  130.  			/* Success */
  131.  			*bytes_written += tmplen;
  132. -			EVP_CIPHER_CTX_cleanup(ctx);

  133.  		}
  134.  	}
  135. +	/* performs cleanup and free */

  136. +	EVP_CIPHER_CTX_free(ctx);

  137.  
  138.  	if (verbose >= 5)
  139.  	{